(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests
eBook - ePub

(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests

Mike Chapple, David Seidl

Share book
  1. English
  2. ePUB (mobile friendly)
  3. Available on iOS & Android
eBook - ePub

(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests

Mike Chapple, David Seidl

Book details
Book preview
Table of contents
Citations

About This Book

Full-length practice tests covering all CISSP domains for the ultimate exam prep

The (ISC)2 CISSP Official Practice Tests is a major resource for (ISC)2 Certified Information Systems Security Professional (CISSP) candidates, providing 1300 unique practice questions. The first part of the book provides 100 questions per domain. You also have access to four unique 125-question practice exams to help you master the material. As the only official practice tests endorsed by (ISC)2, this book gives you the advantage of full and complete preparation. These practice tests align with the 2021 version of the exam to ensure up-to-date preparation, and are designed to cover what you will see on exam day. Coverage includes: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security.

The CISSP credential signifies a body of knowledge and a set of guaranteed skills that put you in demand in the marketplace. This book is your ticket to achieving this prestigious certification, by helping you test what you know against what you need to know.

  • Test your knowledge of the 2021 exam domains
  • Identify areas in need of further study
  • Gauge your progress throughout your exam preparation
  • Practice test taking with Sybex's online test environment containing the questions from the book, which is supported by Wiley's support agents who are available 24x7 via email or live chat to assist with access and login questions

The CISSP exam is refreshed every few years to ensure that candidates are up-to-date on the latest security topics and trends. Currently-aligned preparation resources are critical, and periodic practice tests are one of the best ways to truly measure your level of understanding.

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests an online PDF/ePUB?
Yes, you can access (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests by Mike Chapple, David Seidl in PDF and/or ePUB format, as well as other popular books in Computer Science & Certification Guides in Computer Science. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Sybex
Year
2021
ISBN
9781119787648
Edition
3
Topic
Computer Science
Subtopic
Certification Guides in Computer Science
Index
Computer Science

Chapter 1
Security and Risk Management (Domain 1)

SUBDOMAINS
  • 1.1 Understand, adhere to, and promote professional ethics
  • 1.2 Understand and apply security concepts
  • 1.3 Evaluate and apply security governance principles
  • 1.4 Determine compliance and other requirements
  • 1.5 Understand legal and regulatory issues that pertain to information security in a holistic context
  • 1.6 Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
  • 1.7 Develop, document, and implement security policy, standards, procedures, and guidelines
  • 1.8 Identify, analyze, and prioritize Business Continuity (BC) requirements
  • 1.9 Contribute to and enforce personnel security policies and procedures
  • 1.10 Understand and apply risk management concepts
  • 1.11 Understand and apply threat modeling concepts and methodologies
  • 1.12 Apply Supply Chain Risk Management (SCRM) concepts
  • 1.13 Establish and maintain a security awareness, education, and training program
  1. Alyssa is responsible for her organization's security awareness program. She is concerned that changes in technology may make the content outdated. What control can she put in place to protect against this risk?
    1. Gamification
    2. Computer-based training
    3. Content reviews
    4. Live training
  2. Gavin is creating a report to management on the results of his most recent risk assessment. In his report, he would like to identify the remaining level of risk to the organization after adopting security controls. What term best describes this current level of risk?
    1. Inherent risk
    2. Residual risk
    3. Control risk
    4. Mitigated risk
  3. Francine is a security specialist for an online service provider in the United States. She recently received a claim from a copyright holder that a user is storing information on her service that violates the third party's copyright. What law governs the actions that Francine must take?
    1. Copyright Act
    2. Lanham Act
    3. Digital Millennium Copyright Act
    4. Gramm Leach Bliley Act
  4. FlyAway Travel has offices in both the European Union (EU) and the United States and transfers personal information between those offices regularly. They have recently received a request from an EU customer requesting that their account be terminated. Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?
    1. The right to access
    2. Privacy by design
    3. The right to be forgotten
    4. The right of data portability
  5. After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?
    1. Accept
    2. Transfer
    3. Reduce
    4. Reject
  6. Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?
    1. Student identification number
    2. Social Security number
    3. Driver's license number
    4. Credit card number
  7. Renee is speaking to her board of directors about their responsibilities to review cybersecurity controls. What rule requires that senior executives take personal responsibility for information security matters?
    1. Due diligence rule
    2. Personal liability rule
    3. Prudent man rule
    4. Due process rule
  8. Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: “Advance and protect the profession.” Who may bring ethics charges against Henry for this violation?
    1. Anyone may bring charges.
    2. Any certified or licensed professional may bring charges.
    3. Only Henry's employer may bring charges.
    4. Only the affected employee may bring charges.
  9. Wanda is working with one of her organization's European Union business partners to facilitate the exchange of customer information. Wanda's organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?
    1. Binding corporate rules
    2. Privacy Shield
    3. Standard contractual clauses
    4. Safe harbor
  10. Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?
    1. GLBA
    2. SOX
    3. HIPAA
    4. FERPA
  11. Tim's organization recently received a contract to conduct sponsored research as a government contractor. What law now likely applies to...

Table of contents